Got my CCENT & CCNA (r&S). Whats next for me to enter infosec field?

I have been working in IT help desk for over 15 years in level 2 and 3 resolving complex workflow related issues and have just basic exposure to trouble shooting network and security related problems. But just very basic.
I cleared my CCNA exam very well so wondering how do I go about InfoSec field. I want something similar to CISSP or CCIE. CISSP seems a better fir as I am more inclined towards management/audit/ sales/ marketing/ consultative fields rather than too much hands on techy stuff.
So the big question is what should be next step?
CCNA Security?
Security Plus?
CCIE Security?
Any thing else that can provide me a good foundation of security field AND a decent job that pays close to 75K at least in 2/3 years.
Will appreciate any advice.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Cisco Inferno

Good aspiration. I would definitely consider bashing out the Security+ in a month or two. (keeps your cisco knowledge fresh).
The reason I say this is that it really does provide a nice general all around view on security in general. From technical ACL stuff, to management and policy. Plus, the word 'security' on your resume looks great.

Maybe after that do the CCNA- Security. Maybe do Linux+ after that as well since linux skills are big in InfoSec. I know it as required for my SOC.

Also, you do realize you have to get a CCNP before CCIE right? Lastly, you cannot get full CISSP credentials if you haven't worked in InfoSec for a few years. I could be mistaken. It also is not easy at all.

MrAgent

Go big, or go home. OSCP.

NetworkNewb

Gratz on the CCNA, will hopefully have mine in a few weeks here as well.

As someone who wants to get into the InfoSec field as well, here is my plan as of right now. After my CCNA I plan on going for Sec+ > GSEC > CISSP. Planning on finding a job as Security Analyst after or during those certs. Then will going to be going for my Masters degree then Doctors degree in CyberSecurity at DSU. Thats my 5 year plan!

If you don't plan on getting into the more technical side I would stay away from the Cisco certs and go for more general ones. I'd recommend certs like Sec+, Linux+, CEH, OSCP, CISSP, GSEC, GIAC, maybe the Wireshark cert (forget the actual name of it). Those are what I would go for if I wasn't going for the degrees I mentioned above. All depends on what you want to do. If you want to get into management there is bunch of other certs you could shoot for as well.

renacido

First and foremost, understand that infosec is an umbrella term that encompasses a wide array of diverse and specialized roles that are all in the interest of security. Some of these are related and have overlapping knowledge areas, but put any of these roles side by side and there are many that have little to do with the other. The reason the CISSP is so broad is it is covers all of them from a managerial perspective.

I would research jobs within infosec and decide from there which cert would align my skills with the requirements or bring me closer to it. You can't go wrong with a general practitioner security cert such as Sec+, GSEC, or SSCP. That I think should be your next step from where you are and that will allow you to pursue your first infosec job.

I disagree with going after OSCP. That is a mid-level penetration testing cert specific for working as an external pentester or for security assessment of high-risk or highly specialized systems where you need someone to go beyond vulnerability scans and Metasploit.

Another thing to consider, your easiest entry point into your first infosec job may be CCNA:S. And you should be halfway prepped for that exam now.

Do yourself a favor, find a mentor who has done security full time for 10 years and ask their advice.

MrAgent

The OSCP would expose OP to more tools and methods etc. It'll definitely open your eyes in terms of security.

Dieg0M

Cisco Inferno wrote: »

Also, you do realize you have to get a CCNP before CCIE right?

CCNP is not a prerequisite for CCIE.

renacido

Not disrespecting the OSCP or Offensive Security, just saying the OSCP is role-specific and the OP would get more value from a general practitioner security cert at this stage in his/her career. If I'm hiring incident handlers or auditors or forensic analysts or security analysts, there are at least half a dozen certs I would prefer to see on resumes over OSCP. If I'm hiring a consultant to do a 3rd-party enterprise security assessment, I definitely want them to have OSCP.